Archived link

The annual reports from Communications Security Establishment Canada make for unexpectedly good reading. In recent years, the intelligence and cybersecurity agency has intercepted foreign espionage efforts, extremist networks, cybercriminal crews, and sprawling disinformation campaigns. The newest edition recounts how, in 2024, its units shut down a ransomware threat aimed at a Canadian industrial sector in only forty-eight hours.

…

CSE origins stretch back to 1941, when Canada created the Examination Unit (XU), the country’s first civilian bureau devoted to breaking and protecting coded communications. During the war, the XU decrypted enemy messages and forged intelligence relationships that would later anchor today’s Five Eyes alliance. The bureau’s success convinced Ottawa that understanding foreign networks was strategically indispensable, and, in 1946, the Communications Branch of the National Research Council was established—what we now know as CSE.

…

[That’s a Q&A with CSE chief Caroline Xavier about the legacy and the challenges facing the agency today.]

…

Question: What is the greatest cyber threat facing Canadians? What makes us uniquely vulnerable?

CSE chief Caroline Xavier: The most significant threats come from state-sponsored cyber actors who are growing more assertive. These adversaries target Canadian government institutions, critical infrastructure, and private sector organizations to steal sensitive data, disrupt services, and influence public discourse. Their attacks are becoming more sophisticated and persistent.

…

Today, we block billions of malicious actions daily, respond to thousands of cyber incidents annually, and issue pre-ransomware alerts that save Canadian organizations millions of dollars.

…

[The CSE grew] from sixty-two employees in 1946 to over 3,800 today. We publish reports and advisories like the National Cyber Threat Assessment and Threats to Canada’s Democratic Processes. Our latest annual report highlights our work across foreign signals intelligence, cyber operations, Arctic security, and critical infrastructure protection. In it you will read about how, last year alone, we produced over 3,000 foreign intelligence reports, responded to more than 2,000 cyber incidents, and issued 336 pre-ransomware notifications—preventing up to 148 incidents and saving an estimated $6 to $18 million.

…

Ransomware … remains the most pervasive cybercrime affecting Canadians. The attacks are not just costly; they can cripple essential services like health care, energy, and transportation, putting lives and livelihoods at risk.

…

As … a vocal advocate of democratic values, Canada is a high-value target for adversaries seeking to undermine Western institutions. The strategic value of our private sector and world-class universities further increases our exposure to cyber threats.

That exposure is compounded by vulnerabilities closer to home. Our critical infrastructure is often decentralized, managed at provincial and municipal levels, which can result in inconsistent cybersecurity standards and coordination challenges. The cybercrime ecosystem is highly interconnected and often knows no borders.

…

We emphasize the importance of public–private collaboration, threat intelligence sharing, and proactive risk management. Cybersecurity is a shared responsibility, and our collective defence depends on coordinated action across government, industry, and civil society. We encourage all Canadians to explore our latest National Cyber Threat Assessment to better understand the trends we’re seeing and the steps we can all take to stay secure.

…

CSE plays a vital role [in combating disinformation], but we want to be clear: CSE does not monitor domestic communications or social media. Our mandate is strictly focused on foreign signals intelligence and protecting government systems from cyber threats.

Our contribution is more visible through the Security and Intelligence Threats to Elections Task Force, alongside Canadian Security Intelligence Service, the Royal Canadian Mounted Police, and Global Affairs Canada. Together, we identify and reduce threats to Canada’s democratic institutions, including foreign interference and disinformation campaigns targeting voters, political parties, and media.

…

One of the most significant actions was the designation of Ukraine and Latvia’s electronic networks as “Systems of Importance” to the Government of Canada in March 2022. This designation … marked the first time such powers were used for entities outside Canada. It enabled CSE to provide direct cybersecurity assistance to both countries.

…

While CSE maintains deep and long-standing partnerships with the Five Eyes, these relationships operate within clearly defined mandates and operational frameworks. But partnership is only one side of the equation. Protecting sovereignty also means securing not only our borders but also our digital frontiers and the homeland. It’s fundamental to Canada’s national security, economic resilience, and democratic integrity.

…